﻿using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using ControlCenter.Model;
using ControlCenter.Operation;
using ControlCenter.Model.WebApiDto;
using MingYuanYun.Context.Abstractions;
using MingYuanYun.Exception;
using MingYuanYun.Utility;

namespace ControlCenter.ApplicationService
{
    /// <summary>
    /// 身份授权服务类
    /// </summary>
    public class AuthService : ApplicationServiceBase, IAuthService
    {
        private const string SecurityKey = "MYRPA";
        private readonly IMyUsersOperation _myusersOperation;

        /// <summary>
        /// 类初始化
        /// </summary>
        /// <param name="context"></param>
        public AuthService(IServiceContext context) : base(context)
        {
            _myusersOperation = this.GetService<IMyUsersOperation>();
        }

        /// <summary>
        /// 账号登录验证
        /// </summary>
        /// <param name="userName">账号</param>
        /// <param name="pwd">密码</param>
        /// <returns></returns>
        public async Task<Tuple<bool, string>> CheckLogin(string userName, string pwd)
        {
            //参数校验
            ValidateCheckLogin(userName, pwd);

            var user = await _myusersOperation.Find(userName);
            CheckUserPwd(user, pwd, false);

            return new Tuple<bool, string>(true, "");
        }

        /// <summary>
        /// 修改密码
        /// </summary>
        /// <param name="paramDto">请求参数</param>
        /// <returns></returns>
        public async Task<Tuple<bool, string>> ModifyPwd(ModifyPwdDto paramDto)
        {
            //参数校验
            ValidateModifyPwd(paramDto);

            //检查旧密码是否正确
            var user = await _myusersOperation.Find("admin");//TODO:从授权上下文中获取用户ID
            CheckUserPwd(user, paramDto.OldPwd, true);

            //处理数据
            user.Password = paramDto.NewPwd;
            var updateSuccess = await _myusersOperation.Update(user);
            return new Tuple<bool, string>(updateSuccess, updateSuccess ? "":"数据保存失败");
        }

        #region 私有方法
        /// <summary>
        /// 检查输入的密码是否和数据库中的一致
        /// </summary>
        /// <param name="user"></param>
        /// <param name="oldPwd"></param>
        /// <param name="isModifyPwdMode"></param>
        private void CheckUserPwd(MyUsers user, string oldPwd, bool isModifyPwdMode)
        {
            ExceptionAssert.IsNull(user, "账号或密码错误");
            if (!string.Equals(oldPwd, user.Password, StringComparison.OrdinalIgnoreCase))
            {
                throw new BusinessException(isModifyPwdMode ? "旧密码错误" : "账号或密码错误");
            }
        }

        /// <summary>
        /// 账号登录时参数校验
        /// </summary>
        /// <param name="userName"></param>
        /// <param name="pwd"></param>
        private void ValidateCheckLogin(string userName, string pwd)
        {
            ExceptionAssert.IsNullOrEmpty(userName, "账号不能为空");
            ExceptionAssert.IsNullOrEmpty(pwd, "密码不能为空");
        }

        /// <summary>
        /// 修改密码前参数校验
        /// </summary>
        /// <param name="paramDto"></param>
        public void ValidateModifyPwd(ModifyPwdDto paramDto)
        {
            ExceptionAssert.IsNull(paramDto, nameof(paramDto));
            ExceptionAssert.IsNullOrEmpty(paramDto.OldPwd, "旧密码不能为空");
            ExceptionAssert.IsNullOrEmpty(paramDto.NewPwd, "新密码不能为空");
        }
        #endregion

    }
}
